Menu
(and if not, does it actually improve client side security?)
I'm thinking of the case where a script from server X uses XHR to obtain and run untrusted code from server Y (which supports CORS).
(obviously evaluating untrusted code is bad™)
535
I do not use CORS to improve security at all. I use CORS to access a known webservice on a different domain which I would not be allowed to access without CORS. Nothing to do with improving security in my opinion, but to allow data from one domain to be entrusted to another.
172
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
